6 matches found
EUVD-2022-1880
Malicious code in bioql PyPI...
Cross-site Scripting (XSS)
Overview tribalsystems/zenario is a Zenario is a web-based content management system for sites with one or many languages. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the PDF upload functionality. An attacker can inject malicious scripts that are executed in t...
PT-2023-29293 · Unknown · Zenario Cms
Name of the Vulnerable Software and Affected Versions: Zenario CMS version 9.4.59197 Description: A Cross-Site Scripting XSS issue allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias. This enables the attacker to perform unauthorized actions on the...
Zenario CMS SQL注入漏洞
Zenario CMS is a Zenario open source application . Provides a Web-based content management system. A security vulnerability exists in Zenario CMS v8.8.52729, which originates from adminboxes.ajax.php, and allows remote attackers to create a new HTML component by injecting SQL commands in the "cID...
CVE-2018-18420
Cross-Site Request Forgery CSRF vulnerability was discovered in the 8.3 version of Zenario Content Management System via the admin/organizer.ajax.php?path=zenariocontent%2Fpanels%2Fcontent URI...
CVE-2018-18420
Cross-Site Request Forgery CSRF vulnerability was discovered in the 8.3 version of Zenario Content Management System via the admin/organizer.ajax.php?path=zenariocontent%2Fpanels%2Fcontent URI...